Why do you think this is possible?

adminMay 15, 2014

Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is valid on the server. Why do you think this is possible?

PrepAway - Latest Free Exam Questions & Answers

A.
It works because encryption is performed at the application layer (single encryption key)

B.
It works because encryption is performed at the network layer (layer 1 encryption)

C.
Any cookie can be replayed irrespective of the session status

D.
The scenario is invalid as a secure cookie cannot be replayed

Explanation:
Single key encryption (conventional cryptography) uses a single word or phrase as the key. The same key is used by the sender to encrypt and the receiver to decrypt. Sender and receiver initially need to have a secure way of passing the key from one to the other. With TLS or SSL this would not be possible.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

One Comment on “Why do you think this is possible?”

Leave a Reply Cancel reply